HTTPS Certificates
For the GDPR-compliant use of GlobaLeaks, encryption via HTTPS is necessary.
Add Domain and Generate Certificate
As a customer of the OpenSource Whistleblower Portal, you will receive active assistance to set this up (a video call if available). Please contact Support.
Prerequisites
To configure a domain in GlobaLeaks, the DNS-server for the desired hostname must already point to the IP address or CNAME of the GlobaLeaks server.
A hostname looks like this: hinweise.example.org.
After setup, it usually takes up to 60 minutes for your changes to propagate on the internet. You must wait for this.
Workflow in GlobaLeaks
In this workflow, you will create a certificate from Let's Encrypt. This is free for you, and the certificate will be automatically renewed.
-
Go to Network > Tab HTTPS (selected by default). Enter your hostname and click Save.
-
GlobaLeaks will validate the DNS entry in the background and then indicate that the domain has been linked (if the DNS entry has already propagated). Select Continue in the Automatic Configuration option.
-
This process may take some time.
-
Any errors will be displayed as notifications.
If this happens to you:
- First reload the page,
- then Delete all stored keys (PEM),
- click Reset, and
- reload the page again.
- Then start the process again.
-
If the certificate generation is successful, you only need to click Activate.
Once the HTTPS certificate is activated, you will see the URL and certificates.
Verify the successful setup by accessing the hostname in the browser.
